SecurityPkg: Fix assert when setting key from eMMC/SD/USB
authorRoman Bacik <roman.bacik@broadcom.com>
Tue, 10 Jul 2018 22:51:05 +0000 (15:51 -0700)
committerLaszlo Ersek <lersek@redhat.com>
Thu, 12 Jul 2018 21:33:56 +0000 (23:33 +0200)
When secure boot is enabled, if one loads keys from a FAT formatted
eMMC/SD/USB when trying to provision PK/KEK/DB keys via the menu,
an assert in StrLen() occurs.
This is because the filename starts on odd address, which is not a uint16
aligned boundary: https://bugzilla.tianocore.org/show_bug.cgi?id=1003

There are further known issues with the OpenFileByDevicePath() function;
those are tracked by
<https://bugzilla.tianocore.org/show_bug.cgi?id=1008>.

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Vladimir Olovyannikov <vladimir.olovyannikov@broadcom.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Roman Bacik <roman.bacik@broadcom.com>
Reviewed-by: "Yao, Jiewen" <jiewen.yao@intel.com>
[lersek@redhat.com: whitespace fixes]
[lersek@redhat.com: reference TianoCore BZ#1008]
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c

index 1b6f888..2a26c20 100644 (file)
@@ -123,6 +123,8 @@ OpenFileByDevicePath(
   EFI_FILE_PROTOCOL               *Handle1;\r
   EFI_FILE_PROTOCOL               *Handle2;\r
   EFI_HANDLE                      DeviceHandle;\r
+  CHAR16                          *PathName;\r
+  UINTN                           PathLength;\r
 \r
   if ((FilePath == NULL || FileHandle == NULL)) {\r
     return EFI_INVALID_PARAMETER;\r
@@ -173,6 +175,11 @@ OpenFileByDevicePath(
     //\r
     Handle2  = Handle1;\r
     Handle1 = NULL;\r
+    PathLength = DevicePathNodeLength (*FilePath) - sizeof (EFI_DEVICE_PATH_PROTOCOL);\r
+    PathName = AllocateCopyPool (PathLength, ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName);\r
+    if (PathName == NULL) {\r
+      return EFI_OUT_OF_RESOURCES;\r
+    }\r
 \r
     //\r
     // Try to test opening an existing file\r
@@ -180,7 +187,7 @@ OpenFileByDevicePath(
     Status = Handle2->Open (\r
                           Handle2,\r
                           &Handle1,\r
-                          ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,\r
+                          PathName,\r
                           OpenMode &~EFI_FILE_MODE_CREATE,\r
                           0\r
                          );\r
@@ -192,7 +199,7 @@ OpenFileByDevicePath(
       Status = Handle2->Open (\r
                             Handle2,\r
                             &Handle1,\r
-                            ((FILEPATH_DEVICE_PATH*)*FilePath)->PathName,\r
+                            PathName,\r
                             OpenMode,\r
                             Attributes\r
                            );\r
@@ -202,6 +209,8 @@ OpenFileByDevicePath(
     //\r
     Handle2->Close (Handle2);\r
 \r
+    FreePool (PathName);\r
+\r
     if (EFI_ERROR(Status)) {\r
       return (Status);\r
     }\r